X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fusermanager.cpp;h=f18ea91d4c6651d7902b51b8cfd7f571629101f4;hb=e0dc7691c4cff3a38bc12adf10b3709d8c4901ba;hp=d518b790efa1c06046ea0f2765426523a2996d78;hpb=de6bba7882bc53b5a23e4854069d4846616f2001;p=user%2Fhenk%2Fcode%2Finspircd.git
diff --git a/src/usermanager.cpp b/src/usermanager.cpp
index d518b790e..c7aaa5c11 100644
--- a/src/usermanager.cpp
+++ b/src/usermanager.cpp
@@ -1,138 +1,232 @@ -/* +------------------------------------+ - * | Inspire Internet Relay Chat Daemon | - * +------------------------------------+ +/* + * InspIRCd -- Internet Relay Chat Daemon * - * InspIRCd: (C) 2002-2008 InspIRCd Development Team - * See: http://www.inspircd.org/wiki/index.php/Credits + * Copyright (C) 2019 iwalkalone + * Copyright (C) 2019 Matt Schatz + * Copyright (C) 2013-2016, 2018 Attila Molnar + * Copyright (C) 2013, 2018-2020 Sadie Powell + * Copyright (C) 2013, 2015 Adam + * Copyright (C) 2013 Daniel Vassdal + * Copyright (C) 2012, 2019 Robby + * Copyright (C) 2009-2010 Daniel De Graaf + * Copyright (C) 2009 Uli Schlachter + * Copyright (C) 2008-2010 Craig Edwards + * Copyright (C) 2008 Robin Burchell * - * This program is free but copyrighted software; see - * the file COPYING for details. + * This file is part of InspIRCd. InspIRCd is free software: you can + * redistribute it and/or modify it under the terms of the GNU General Public + * License as published by the Free Software Foundation, version 2. * - * --------------------------------------------------- + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more + * details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . */ -/* $Core: libIRCDusermanager */ #include "inspircd.h" #include "xline.h" -#include "bancache.h" +#include "iohook.h" -/* add a client connection to the sockets list */ -void UserManager::AddClient(InspIRCd* Instance, int socket, int port, bool iscached, int socketfamily, sockaddr* ip) +namespace { - /* NOTE: Calling this one parameter constructor for User automatically - * allocates a new UUID and places it in the hash_map. - */ - User* New = NULL; - try - { - New = new User(Instance); - } - catch (...) 
+ class WriteCommonQuit : public User::ForEachNeighborHandler { - Instance->Log(DEFAULT,"*** WTF *** Duplicated UUID! -- Crack smoking monkies have been unleashed."); - Instance->WriteOpers("*** WARNING *** Duplicate UUID allocated!"); - return; - } + ClientProtocol::Messages::Quit quitmsg; + ClientProtocol::Event quitevent; + ClientProtocol::Messages::Quit operquitmsg; + ClientProtocol::Event operquitevent; - Instance->Log(DEBUG,"New user fd: %d", socket); + void Execute(LocalUser* user) CXX11_OVERRIDE + { + user->Send(user->IsOper() ? operquitevent : quitevent); + } - int j = 0; + public: + WriteCommonQuit(User* user, const std::string& msg, const std::string& opermsg) + : quitmsg(user, msg) + , quitevent(ServerInstance->GetRFCEvents().quit, quitmsg) + , operquitmsg(user, opermsg) + , operquitevent(ServerInstance->GetRFCEvents().quit, operquitmsg) + { + user->ForEachNeighbor(*this, false); + } + }; - Instance->unregistered_count++; + void CheckPingTimeout(LocalUser* user) + { + // Check if it is time to ping the user yet. + if (ServerInstance->Time() < user->nextping) + return; - char ipaddr[MAXBUF]; -#ifdef IPV6 - if (socketfamily == AF_INET6) - inet_ntop(AF_INET6, &((const sockaddr_in6*)ip)->sin6_addr, ipaddr, sizeof(ipaddr)); - else -#endif - inet_ntop(AF_INET, &((const sockaddr_in*)ip)->sin_addr, ipaddr, sizeof(ipaddr)); + // This user didn't answer the last ping, remove them. + if (!user->lastping) + { + ModResult res; + FIRST_MOD_RESULT(OnConnectionFail, res, (user, I_ERR_TIMEOUT)); + if (res == MOD_RES_ALLOW) + { + // A module is preventing this user from being timed out. + user->lastping = 1; + user->nextping = ServerInstance->Time() + user->MyClass->GetPingTime(); + return; + } - New->SetSockAddr(socketfamily, ipaddr, port); + time_t secs = ServerInstance->Time() - (user->nextping - user->MyClass->GetPingTime()); + const std::string message = "Ping timeout: " + ConvToStr(secs) + (secs != 1 ? 
" seconds" : " second"); + ServerInstance->Users.QuitUser(user, message); + return; + } - New->SetFd(socket); + // Send a ping to the client. + ClientProtocol::Messages::Ping ping; + user->Send(ServerInstance->GetRFCEvents().ping, ping); + user->lastping = 0; + user->nextping = ServerInstance->Time() + user->MyClass->GetPingTime(); + } - /* Smarter than your average bear^H^H^H^Hset of strlcpys. */ - for (const char* temp = New->GetIPString(); *temp && j < 64; temp++, j++) - New->dhost[j] = New->host[j] = *temp; - New->dhost[j] = New->host[j] = 0; + void CheckRegistrationTimeout(LocalUser* user) + { + if (user->GetClass() && (ServerInstance->Time() > (user->signon + user->GetClass()->GetRegTimeout()))) + { + // Either the user did not send NICK/USER or a module blocked registration in + // OnCheckReady until the client timed out. + ServerInstance->Users.QuitUser(user, "Registration timeout"); + } + } - Instance->Users->AddLocalClone(New); - Instance->Users->AddGlobalClone(New); + void CheckModulesReady(LocalUser* user) + { + ModResult res; + FIRST_MOD_RESULT(OnCheckReady, res, (user)); + if (res == MOD_RES_PASSTHRU) + { + // User has sent NICK/USER and modules are ready. + user->FullConnect(); + return; + } - /* - * First class check. We do this again in FullConnect after DNS is done, and NICK/USER is recieved. - * See my note down there for why this is required. DO NOT REMOVE. :) -- w00t - */ - ConnectClass* i = New->SetClass(); + // If the user has been quit in OnCheckReady then we shouldn't quit + // them again for having a registration timeout. 
+ if (!user->quitting) + CheckRegistrationTimeout(user); + } +} + +UserManager::UserManager() + : already_sent_id(0) + , unregistered_count(0) +{ +} - if (!i) +UserManager::~UserManager() +{ + for (user_hash::iterator i = clientlist.begin(); i != clientlist.end(); ++i) { - User::QuitUser(Instance, New, "Access denied by configuration"); - return; + delete i->second; } +} - /* - * Check connect class settings and initialise settings into User. - * This will be done again after DNS resolution. -- w00t - */ - New->CheckClass(); +void UserManager::AddUser(int socket, ListenSocket* via, irc::sockets::sockaddrs* client, irc::sockets::sockaddrs* server) +{ + // User constructor allocates a new UUID for the user and inserts it into the uuidlist + LocalUser* const New = new LocalUser(socket, client, server); + UserIOHandler* eh = &New->eh; - Instance->local_users.push_back(New); + ServerInstance->Logs->Log("USERS", LOG_DEBUG, "New user fd: %d", socket); - if ((Instance->local_users.size() > Instance->Config->SoftLimit) || (Instance->local_users.size() >= MAXCLIENTS)) + this->unregistered_count++; + this->clientlist[New->nick] = New; + this->AddClone(New); + this->local_users.push_front(New); + FOREACH_MOD(OnUserInit, (New)); + + if (!SocketEngine::AddFd(eh, FD_WANT_FAST_READ | FD_WANT_EDGE_WRITE)) { - Instance->WriteOpers("*** Warning: softlimit value has been reached: %d clients", Instance->Config->SoftLimit); - User::QuitUser(Instance, New,"No more connections allowed"); + ServerInstance->Logs->Log("USERS", LOG_DEBUG, "Internal error on new connection"); + this->QuitUser(New, "Internal error handling connection"); return; } - /* - * XXX - - * this is done as a safety check to keep the file descriptors within range of fd_ref_table. - * its a pretty big but for the moment valid assumption: - * file descriptors are handed out starting at 0, and are recycled as theyre freed. 
- * therefore if there is ever an fd over 65535, 65536 clients must be connected to the - * irc server at once (or the irc server otherwise initiating this many connections, files etc) - * which for the time being is a physical impossibility (even the largest networks dont have more - * than about 10,000 users on ONE server!) - */ -#ifndef WINDOWS - if ((unsigned int)socket >= MAX_DESCRIPTORS) + // If this listener has an IO hook provider set then tell it about the connection + for (ListenSocket::IOHookProvList::iterator i = via->iohookprovs.begin(); i != via->iohookprovs.end(); ++i) { - User::QuitUser(Instance, New, "Server is full"); + ListenSocket::IOHookProvRef& iohookprovref = *i; + if (!iohookprovref) + { + if (!iohookprovref.GetProvider().empty()) + { + ServerInstance->Logs->Log("USERS", LOG_DEBUG, "Non-existent I/O hook '%s' in tag at %s", + iohookprovref.GetProvider().c_str(), + i == via->iohookprovs.begin() ? "hook" : "sslprofile", + via->bind_tag->getTagLocation().c_str()); + this->QuitUser(New, "Internal error handling connection"); + return; + } + continue; + } + + iohookprovref->OnAccept(eh, client, server); + + // IOHook could have encountered a fatal error, e.g. if the TLS ClientHello + // was already in the queue and there was no common TLS version. + if (!eh->getError().empty()) + { + QuitUser(New, eh->getError()); + return; + } + } + + if (this->local_users.size() > ServerInstance->Config->SoftLimit) + { + ServerInstance->SNO->WriteToSnoMask('a', "Warning: softlimit value has been reached: %d clients", ServerInstance->Config->SoftLimit); + this->QuitUser(New,"No more connections allowed"); return; } -#endif + + // First class check. We do this again in LocalUser::FullConnect() after DNS is done, and NICK/USER is received. 
+ New->SetClass(); + // If the user doesn't have an acceptable connect class CheckClass() quits them + New->CheckClass(ServerInstance->Config->CCOnConnect); + if (New->quitting) + return; + /* * even with bancache, we still have to keep User::exempt current. * besides that, if we get a positive bancache hit, we still won't fuck * them over if they are exempt. -- w00t */ - New->exempt = (Instance->XLines->MatchesLine("E",New) != NULL); + New->exempt = (ServerInstance->XLines->MatchesLine("E",New) != NULL); - if (BanCacheHit *b = Instance->BanCache->GetHit(New->GetIPString())) + BanCacheHit* const b = ServerInstance->BanCache.GetHit(New->GetIPString()); + if (b) { if (!b->Type.empty() && !New->exempt) { /* user banned */ - Instance->Log(DEBUG, std::string("BanCache: Positive hit for ") + New->GetIPString()); - if (*Instance->Config->MoronBanner) - New->WriteServ("NOTICE %s :*** %s", New->nick, Instance->Config->MoronBanner); - User::QuitUser(Instance, New, b->Reason); + ServerInstance->Logs->Log("BANCACHE", LOG_DEBUG, "BanCache: Positive hit for " + New->GetIPString()); + if (!ServerInstance->Config->XLineMessage.empty()) + New->WriteNumeric(ERR_YOUREBANNEDCREEP, ServerInstance->Config->XLineMessage); + + if (ServerInstance->Config->HideBans) + this->QuitUser(New, b->Type + "-lined", &b->Reason); + else + this->QuitUser(New, b->Reason); return; } else { - Instance->Log(DEBUG, std::string("BanCache: Negative hit for ") + New->GetIPString()); + ServerInstance->Logs->Log("BANCACHE", LOG_DEBUG, "BanCache: Negative hit for " + New->GetIPString()); } } else { if (!New->exempt) { - XLine* r = Instance->XLines->MatchesLine("Z",New); + XLine* r = ServerInstance->XLines->MatchesLine("Z",New); if (r) { 
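Review bot: Both early failure paths in AddUser, the `SocketEngine::AddFd()` failure and the listener that references a non-existent I/O hook, are logged only at `LOG_DEBUG`. At a normal log level the only trace is therefore the client-facing "Internal error handling connection" quit. A missing hook rejects every connection accepted on that listener, and an AddFd failure can indicate descriptor exhaustion, so an operator should see both without enabling debug logging. QuitUser in the same file already reports its own error conditions at `LOG_DEFAULT`, and I would raise both calls to match, e.g. `ServerInstance->Logs->Log("USERS", LOG_DEFAULT, "Internal error on new connection");`. AddUser's body continues past the end of this hunk.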
@@ -142,85 +236,200 @@ void UserManager::AddClient(InspIRCd* Instance, int socket, int port, bool iscac } } - if (socket > -1) - { - if (!Instance->SE->AddFd(New)) - { - Instance->Log(DEBUG,"Internal error on new connection"); - User::QuitUser(Instance, New, "Internal error handling connection"); - } - } + if (ServerInstance->Config->RawLog) + New->WriteNotice("*** Raw I/O logging is enabled on this server. All messages, passwords, and commands are being recorded."); - /* NOTE: even if dns lookups are *off*, we still need to display this. - * BOPM and other stuff requires it. - */ - New->WriteServ("NOTICE Auth :*** Looking up your hostname..."); + FOREACH_MOD(OnSetUserIP, (New)); + if (!New->quitting) + FOREACH_MOD(OnUserPostInit, (New)); +} - if (Instance->Config->NoUserDns) +void UserManager::QuitUser(User* user, const std::string& quitmessage, const std::string* operquitmessage) +{ + if (user->quitting) { - New->dns_done = true; + ServerInstance->Logs->Log("USERS", LOG_DEFAULT, "ERROR: Tried to quit quitting user: " + user->nick); + return; } - else + + if (IS_SERVER(user)) { - New->StartDNSLookup(); + ServerInstance->Logs->Log("USERS", LOG_DEFAULT, "ERROR: Tried to quit server user: " + user->nick); + return; } -} -void UserManager::AddLocalClone(User *user) -{ - clonemap::iterator x = local_clones.find(user->GetIPString()); - if (x != local_clones.end()) - x->second++; + std::string quitmsg(quitmessage); + std::string operquitmsg; + if (operquitmessage) + operquitmsg.assign(*operquitmessage); + + LocalUser* const localuser = IS_LOCAL(user); + if (localuser) + { + ModResult MOD_RESULT; + FIRST_MOD_RESULT(OnUserPreQuit, MOD_RESULT, (localuser, quitmsg, operquitmsg)); + if (MOD_RESULT == MOD_RES_DENY) + return; + } + + if (quitmsg.length() > ServerInstance->Config->Limits.MaxQuit) + quitmsg.erase(ServerInstance->Config->Limits.MaxQuit + 1); + + if (operquitmsg.empty()) + operquitmsg.assign(quitmsg); + else if (operquitmsg.length() > 
ServerInstance->Config->Limits.MaxQuit) + operquitmsg.erase(ServerInstance->Config->Limits.MaxQuit + 1); + + user->quitting = true; + ServerInstance->Logs->Log("USERS", LOG_DEBUG, "QuitUser: %s=%s '%s'", user->uuid.c_str(), user->nick.c_str(), quitmessage.c_str()); + if (localuser) + { + ClientProtocol::Messages::Error errormsg(InspIRCd::Format("Closing link: (%s@%s) [%s]", user->ident.c_str(), user->GetRealHost().c_str(), operquitmsg.c_str())); + localuser->Send(ServerInstance->GetRFCEvents().error, errormsg); + } + + ServerInstance->GlobalCulls.AddItem(user); + + if (user->registered == REG_ALL) + { + FOREACH_MOD(OnUserQuit, (user, quitmsg, operquitmsg)); + WriteCommonQuit(user, quitmsg, operquitmsg); + } else - local_clones[user->GetIPString()] = 1; + unregistered_count--; + + if (IS_LOCAL(user)) + { + LocalUser* lu = IS_LOCAL(user); + FOREACH_MOD(OnUserDisconnect, (lu)); + lu->eh.Close(); + + if (lu->registered == REG_ALL) + ServerInstance->SNO->WriteToSnoMask('q',"Client exiting: %s (%s) [%s]", user->GetFullRealHost().c_str(), user->GetIPString().c_str(), operquitmsg.c_str()); + local_users.erase(lu); + } + + if (!clientlist.erase(user->nick)) + ServerInstance->Logs->Log("USERS", LOG_DEFAULT, "ERROR: Nick not found in clientlist, cannot remove: " + user->nick); + + uuidlist.erase(user->uuid); + user->PurgeEmptyChannels(); + user->UnOper(); } -void UserManager::AddGlobalClone(User *user) +void UserManager::AddClone(User* user) { - clonemap::iterator y = global_clones.find(user->GetIPString()); - if (y != global_clones.end()) - y->second++; - else - global_clones[user->GetIPString()] = 1; + CloneCounts& counts = clonemap[user->GetCIDRMask()]; + counts.global++; + if (IS_LOCAL(user)) + counts.local++; } void UserManager::RemoveCloneCounts(User *user) { - clonemap::iterator x = local_clones.find(user->GetIPString()); - if (x != local_clones.end()) + CloneMap::iterator it = clonemap.find(user->GetCIDRMask()); + if (it != clonemap.end()) { - x->second--; - if 
(!x->second) + CloneCounts& counts = it->second; + counts.global--; + if (counts.global == 0) { - local_clones.erase(x); + // No more users from this IP, remove entry from the map + clonemap.erase(it); + return; } + + if (IS_LOCAL(user)) + counts.local--; } - - clonemap::iterator y = global_clones.find(user->GetIPString()); - if (y != global_clones.end()) +} + +void UserManager::RehashCloneCounts() +{ + clonemap.clear(); + + const user_hash& hash = ServerInstance->Users.GetUsers(); + for (user_hash::const_iterator i = hash.begin(); i != hash.end(); ++i) { - y->second--; - if (!y->second) - { - global_clones.erase(y); - } + User* u = i->second; + AddClone(u); } } -unsigned long UserManager::GlobalCloneCount(User *user) +const UserManager::CloneCounts& UserManager::GetCloneCounts(User* user) const { - clonemap::iterator x = global_clones.find(user->GetIPString()); - if (x != global_clones.end()) - return x->second; + CloneMap::const_iterator it = clonemap.find(user->GetCIDRMask()); + if (it != clonemap.end()) + return it->second; else - return 0; + return zeroclonecounts; } -unsigned long UserManager::LocalCloneCount(User *user) +void UserManager::ServerNoticeAll(const char* text, ...) { - clonemap::iterator x = local_clones.find(user->GetIPString()); - if (x != local_clones.end()) - return x->second; - else - return 0; + std::string message; + VAFORMAT(message, text, text); + ClientProtocol::Messages::Privmsg msg(ClientProtocol::Messages::Privmsg::nocopy, ServerInstance->FakeClient, ServerInstance->Config->GetServerName(), message, MSG_NOTICE); + ClientProtocol::Event msgevent(ServerInstance->GetRFCEvents().privmsg, msg); + + for (LocalList::const_iterator i = local_users.begin(); i != local_users.end(); ++i) + { + LocalUser* user = *i; + user->Send(msgevent); + } +} + +/** + * This function is called once a second from the mainloop. + * It is intended to do background checking on all the users, e.g. do + * ping checks, registration timeouts, etc. 
+ */ +void UserManager::DoBackgroundUserStuff() +{ + for (LocalList::iterator i = local_users.begin(); i != local_users.end(); ) + { + // It's possible that we quit the user below due to ping timeout etc. and QuitUser() removes it from the list + LocalUser* curr = *i; + ++i; + + if (curr->CommandFloodPenalty || curr->eh.getSendQSize()) + { + unsigned int rate = curr->MyClass->GetCommandRate(); + if (curr->CommandFloodPenalty > rate) + curr->CommandFloodPenalty -= rate; + else + curr->CommandFloodPenalty = 0; + curr->eh.OnDataReady(); + } + + switch (curr->registered) + { + case REG_ALL: + CheckPingTimeout(curr); + break; + + case REG_NICKUSER: + CheckModulesReady(curr); + break; + + default: + CheckRegistrationTimeout(curr); + break; + } + } +} + +already_sent_t UserManager::NextAlreadySentId() +{ + if (++already_sent_id == 0) + { + // Wrapped around, reset the already_sent ids of all users + already_sent_id = 1; + for (LocalList::iterator i = local_users.begin(); i != local_users.end(); ++i) + { + LocalUser* user = *i; + user->already_sent = 0; + } + } + return already_sent_id; }
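Review bot: The truncation in QuitUser, `quitmsg.erase(ServerInstance->Config->Limits.MaxQuit + 1);`, leaves MaxQuit + 1 characters, because `std::string::erase(pos)` removes everything from index `pos` onward. A message of exactly MaxQuit + 1 characters passes through unchanged. Assuming `Limits.MaxQuit` is the maximum permitted length, this call and the matching one on `operquitmsg` should be `quitmsg.erase(ServerInstance->Config->Limits.MaxQuit);` and `operquitmsg.erase(ServerInstance->Config->Limits.MaxQuit);`. Separately, DoBackgroundUserStuff calls `curr->MyClass->GetCommandRate()` for users in any registration state, while CheckRegistrationTimeout guards `user->GetClass()` against null. If a user without a connect class can still be in `local_users` at that point (not visible here), the dereference needs the same guard or a comment stating the invariant.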